Mac-Addict
Aug 31, 07:00 PM
Yes i think i will sell my smelly PSP :) This post has been edited over 24 times due to smelling pistakes
**Spelling mistakes
**Spelling mistakes
munkery
Mar 22, 08:35 PM
Kernel
A privilege checking issue existed in the i386_set_ldt system call's handling of call gates. A local user may be able to execute arbitrary code with system privileges. This issue is addressed by disallowing creation of call gate entries via i386_set_ldt().
Generating a successful malware from that list of vulnerabilities has two requirements:
1) A remote arbitrary code execution vulnerability has to be linked to a local privilege escalation vulnerability.
2) Those vulnerabilities that can be linked together must both be exploitable. Not all vulnerabilities are exploitable.
The only local privilege escalation vulnerability in that update is shown above. To be linked to a remote vulnerability to create a successful malware requires the following:
1) The call function must be used by a process that also has an remote vulnerability so that the vulns can be linked together to install a payload, such as rootkit. It is likely that not all processes will use that call function. Also, that call function is for 32-bit processes and most client side software in Mac OS X that may contain a remote exploit are 64-bit processes.
2) The two vulnerabilities have to be reliably exploitable once linked together as well as being reliably exploitable independently so that they can actually be linked together. Again, not all vulnerabilities are exploitable.
Linking together remote and local exploits is more difficult in Mac OS X than Windows. This is because Windows has far more local privilege escalation exploits than Mac OS X. Another factor is that the different levels of Windows are less insulated from each other than the different levels of Mac OS X. A common method to achieve privilege escalation in Windows is by manipulating registry values.
http://www.exploit-db.com/bypassing-uac-with-user-privilege-under-windows-vista7-mirror/ -> outlines how to exploit win32k.sys vulnerabilities by manipulating registry values.
http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=win32k -> list of win32k.sys vulnerabilities.
A privilege checking issue existed in the i386_set_ldt system call's handling of call gates. A local user may be able to execute arbitrary code with system privileges. This issue is addressed by disallowing creation of call gate entries via i386_set_ldt().
Generating a successful malware from that list of vulnerabilities has two requirements:
1) A remote arbitrary code execution vulnerability has to be linked to a local privilege escalation vulnerability.
2) Those vulnerabilities that can be linked together must both be exploitable. Not all vulnerabilities are exploitable.
The only local privilege escalation vulnerability in that update is shown above. To be linked to a remote vulnerability to create a successful malware requires the following:
1) The call function must be used by a process that also has an remote vulnerability so that the vulns can be linked together to install a payload, such as rootkit. It is likely that not all processes will use that call function. Also, that call function is for 32-bit processes and most client side software in Mac OS X that may contain a remote exploit are 64-bit processes.
2) The two vulnerabilities have to be reliably exploitable once linked together as well as being reliably exploitable independently so that they can actually be linked together. Again, not all vulnerabilities are exploitable.
Linking together remote and local exploits is more difficult in Mac OS X than Windows. This is because Windows has far more local privilege escalation exploits than Mac OS X. Another factor is that the different levels of Windows are less insulated from each other than the different levels of Mac OS X. A common method to achieve privilege escalation in Windows is by manipulating registry values.
http://www.exploit-db.com/bypassing-uac-with-user-privilege-under-windows-vista7-mirror/ -> outlines how to exploit win32k.sys vulnerabilities by manipulating registry values.
http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=win32k -> list of win32k.sys vulnerabilities.
nikole95
Jan 9, 01:35 AM
Sad, but true :(
(And I don't feel the need to argue or debate or say more in this thread to justify this obvious fact.)
Yes. Absolutely. A closed filesystem where you're only able to download anything significant through a moderated app store is going to be riddled with viruses.
(And I don't feel the need to argue or debate or say more in this thread to justify this obvious fact.)
Yes. Absolutely. A closed filesystem where you're only able to download anything significant through a moderated app store is going to be riddled with viruses.
Dont Hurt Me
Oct 27, 09:25 AM
Free speech was killed decades ago by every business along with every govts help. Green Peace agreed though to keep it in the booth, they didnt so they are to blame. This is a Mac expo not a tree huggers convention.
Gem�tlichkeit
Mar 22, 02:30 PM
Please please please let them release Sandy Bridge for the MacBook Air :)
adk
Apr 24, 11:56 PM
Why do I feel like you are one of the people who purposely try to slow people down because you need to be on some higher moral ground and make sure the entire world does the speed you believe is safe?
Had that woman just moved like everyone else did, I would have never had to cut her off in order to punish her. And yes I did have to punish her, because she needed to be taught her dang place on the road.
Aren't you doing the exact same thing?
Had that woman just moved like everyone else did, I would have never had to cut her off in order to punish her. And yes I did have to punish her, because she needed to be taught her dang place on the road.
Aren't you doing the exact same thing?
Hunts121
Jul 14, 09:57 AM
It's a mess to open up the iMac and take the heatsink/CPU assembly off. Even I think it's scary. :eek:
haha I never said I'd attempt it, just that its possible :D
haha I never said I'd attempt it, just that its possible :D
apnewb
Mar 23, 09:26 AM
A 24" TOUCH SCREEN would be a great addition???
3N16MA
Mar 30, 01:47 PM
But it is an "app store".
According to Microsoft it's a market. No one calls the local farmers market a store yet everyone knows you can purchase products there.
According to Microsoft it's a market. No one calls the local farmers market a store yet everyone knows you can purchase products there.
Joshuarocks
Apr 19, 11:36 PM
http://johnpilger.com/videos
He's even got an awesome interview with Julian Assange. His documentary "The War You Don't See" is a must watch though.
What does he say about the coming New World Order that Bush and Obama keep talking about, and also the coming North American Union + Amero?
He's even got an awesome interview with Julian Assange. His documentary "The War You Don't See" is a must watch though.
What does he say about the coming New World Order that Bush and Obama keep talking about, and also the coming North American Union + Amero?
Unspeaked
Sep 14, 09:56 AM
If Apple DOES introduce C2D MacBook Pros at this, it will have to totally redesign the case to make it "invite event" worthy.
If all that's being changed is the processor, or minor cae changes (like the addition of FW800 across the line), it will simply be done in silent, overnight fashion as was the case with the iMac update.
That being said, I don't see such a radical case design this soon. That seems more like something where they'd like to focus on the computer itself, which wouldn't happen as part of a photo show.
Why do people seem convinced Apple won't release something like an SLR or video camera?
Also, there's always a chance that in addition to an Aperture update, we'll get TOTALLY NEW photo software; remember what happened with Final Cut Pro - first came it and then came a slew of other video products from Apple.
If all that's being changed is the processor, or minor cae changes (like the addition of FW800 across the line), it will simply be done in silent, overnight fashion as was the case with the iMac update.
That being said, I don't see such a radical case design this soon. That seems more like something where they'd like to focus on the computer itself, which wouldn't happen as part of a photo show.
Why do people seem convinced Apple won't release something like an SLR or video camera?
Also, there's always a chance that in addition to an Aperture update, we'll get TOTALLY NEW photo software; remember what happened with Final Cut Pro - first came it and then came a slew of other video products from Apple.
HecubusPro
Aug 28, 04:18 PM
I believe such behavior is sign of impending mental collapse...
I wouldn't do it, but it might make some one happy. You never know.
I wouldn't do it, but it might make some one happy. You never know.
Agent Smith
Oct 12, 05:39 PM
Blah at Bonos new hair
Hehe...yeah. PopMart called...they want their hair back. :p
Hehe...yeah. PopMart called...they want their hair back. :p
HiRez
Sep 19, 11:14 PM
Why is Apple always cutting corners? They get so close to great things, but not close enough.I sadly kind of agree with this sentiment, and I love your avatar icon! :)
monke
Sep 13, 09:00 PM
Hmmm.. Ok, not really shocked by the design a whole lot, but finally there is some (for lack of a better word) proof of what it looks like. Sure hope it comes in aluminum and white :D
OdduWon
Sep 5, 06:47 PM
it seems like the reason this apple is broadcasting to the event is so that they can show how their new ichat streaming dot mac movie/video chat ipod pack works;) .
realberen
Apr 30, 01:40 PM
I expect the Intel Z68 chipset used:
http://blog.saers.com/archives/2011/04/30/intel-z68-chipset-for-the-imac-thatll-be-released-tuesday-may-3rd/
http://blog.saers.com/archives/2011/04/30/intel-z68-chipset-for-the-imac-thatll-be-released-tuesday-may-3rd/
Lershac
Apr 22, 11:12 PM
I've heard this request from a lot of people on this forum. Is this really a deal breaker for you? the screen isn't bright enough at night to illuminate the keys that you need a separate source of light?
Yes it is a deal breaker. I actually spend quite a bit of time in bed after lights out surfing and reading, keeping up with stuff (I am doing it at this moment) with the brightness at the lowest level +1 to not disturb my wife, and its definitely not enough to see the keyboard.
I also like it for taking notes in a dark presentation room. I got the newer air and returned it after a week (and gladly paid the restocking fee) because of this alone. I really liked the reduced weight and bulk, didnt miss the optical drive, but I gotta have that keyboard backlit.
right now I tend to use the ipad when I am just reading, but when I have to type it gets awkward, so I break out a laptop.
Yes it is a deal breaker. I actually spend quite a bit of time in bed after lights out surfing and reading, keeping up with stuff (I am doing it at this moment) with the brightness at the lowest level +1 to not disturb my wife, and its definitely not enough to see the keyboard.
I also like it for taking notes in a dark presentation room. I got the newer air and returned it after a week (and gladly paid the restocking fee) because of this alone. I really liked the reduced weight and bulk, didnt miss the optical drive, but I gotta have that keyboard backlit.
right now I tend to use the ipad when I am just reading, but when I have to type it gets awkward, so I break out a laptop.
ChazUK
Apr 22, 01:39 AM
So Apple's method could be more efficient their side, offering a spotify type model where everyone accesses the same iTunes purchased track (except this time they own it) instead of Amazon's where each indivdual track is stored in their "digital locker"?
A nice bt of foresight by Apple if so.
A nice bt of foresight by Apple if so.
BC2009
Mar 30, 11:52 AM
It seems that App on its own is generic, but the combination with another word to define a particular thing is not... see
Lady + Gaga
Best + Buy
Face + Book
Micro + Soft
General + Electric
Pintos + Cheese .. okay, maybe not that
Very good points. Trademarks like this are granted all the time. The word "App" may have been common slang among IT professionals for a while, but certainly not "App Store". Like I said before though -- whenever Apple wants to use a common term they just stick an "i" in front of it. Wouldn't "iApp Store" have made this whole thing go away? :)
Lady + Gaga
Best + Buy
Face + Book
Micro + Soft
General + Electric
Pintos + Cheese .. okay, maybe not that
Very good points. Trademarks like this are granted all the time. The word "App" may have been common slang among IT professionals for a while, but certainly not "App Store". Like I said before though -- whenever Apple wants to use a common term they just stick an "i" in front of it. Wouldn't "iApp Store" have made this whole thing go away? :)
AppleScruff1
Mar 23, 06:46 PM
How do you feel about Amazon selling "The Pedophile's Guide to Love and Pleasure" ?
EagerDragon
Sep 14, 06:33 PM
I doubt we'll see some headless tower (apart from the macpro) i honestly don't think its in apple's interest to openup a new price point. Mac mini provides a nice entry for windows users, people wanting something next to their tv, or have the monitor etc already. MacBook provides mobile low end. iMac allows a bit more power and features over the mini for home users wanting a bit more and companies and people who dont need the power of the Mac Pro. MacBook Pro is high end portable allowing for graphics, photography, design, etc, and to some extent gaming on the go. The Mac Pro is the beast, a workstation more than a desktop and therefore is over specced for the normal user. But why put in a new model in between a imac and a mac pro when having the gap forces people looking for more than an imac to go for the mac pro and increase revenue. By creating an 'in between' model it takes sales away from the popular imac and the expensive mac pro, would probably have to have lower margins to get people to buy it and would just float about in the middle. Maybe die a fate similar to the cube? I don't see it being a smart move.
Mac Pro is not a gaming machine. The memory kills it. It is a server/workstation class designed to worked on large pieces of data.
Gaming is very different and can not use slow memory, it needs to be snappy. Apple does need to make the Gamer machine but it does not have to be as big as the Mac Pro. Kensfield is a real possibility in that system, and yes it is coming in my opinion. Not so much for us but for selling to Wintel users and potential switchers.
Mac Pro is not a gaming machine. The memory kills it. It is a server/workstation class designed to worked on large pieces of data.
Gaming is very different and can not use slow memory, it needs to be snappy. Apple does need to make the Gamer machine but it does not have to be as big as the Mac Pro. Kensfield is a real possibility in that system, and yes it is coming in my opinion. Not so much for us but for selling to Wintel users and potential switchers.
scott523
Oct 12, 10:50 PM
From looking at the picture, should it be a fact that the red iPod nano is coming out? It doesn't look like a rumor that I see red iPod nanos on display.
Miles513
Apr 4, 09:20 AM
Having been bitten numerous times by McAfee, I never believe their press releases.
Way back, I subscribed to their virus and firewall software. I tested the firewall, and it worked. Until they updated it to a slicker looking interface. Some sixth sense made me test it again, and bingo, my computer was exposed. McAfee customer "support" was not interested. They had my annual subscription, and that was all they wanted.
After ripping all McAfee code out of my PC, I was dismayed to find that my employer signed up for McAfee products.
Months and months of slow PC, followed by bricking thousands of employee PCs with their encryption-at-rest software.
co-sign, same thing happened to me
Way back, I subscribed to their virus and firewall software. I tested the firewall, and it worked. Until they updated it to a slicker looking interface. Some sixth sense made me test it again, and bingo, my computer was exposed. McAfee customer "support" was not interested. They had my annual subscription, and that was all they wanted.
After ripping all McAfee code out of my PC, I was dismayed to find that my employer signed up for McAfee products.
Months and months of slow PC, followed by bricking thousands of employee PCs with their encryption-at-rest software.
co-sign, same thing happened to me
